<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">
<meta name="generator" content="Hexo 5.0.2">
  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">

<link rel="stylesheet" href="/css/main.css">



<link rel="stylesheet" href="//cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.14.0/css/all.min.css">
  <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/animate.css@3.1.1/animate.min.css">

<script class="hexo-configurations">
    var NexT = window.NexT || {};
    var CONFIG = {"hostname":"wanglong_kevin.gitee.io","root":"/","scheme":"Gemini","version":"8.0.0-rc.5","exturl":false,"sidebar":{"position":"left","display":"post","padding":18,"offset":12},"copycode":false,"bookmark":{"enable":false,"color":"#222","save":"auto"},"fancybox":false,"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"motion":{"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"fadeInDown","post_body":"fadeInDown","coll_header":"fadeInLeft","sidebar":"fadeInUp"}},"prism":false};
  </script>

  <meta name="description" content="什么是扫描器我们来捋一下网络攻击的流程，一般网络攻击有两种类型，一种是目标是固定的某个网站、某个企业内网或者是个人、家庭的主机，那么在攻击的第一阶段也就是嗅探阶段，你想知道对方开放了哪些端口，提供了哪些服务，是不是已经存在了一些漏洞，这样你就可以直接利用这些漏洞，如果不存在就可能需要通过钓鱼等植入木马制造漏洞。">
<meta property="og:type" content="article">
<meta property="og:title" content="一文读懂扫描器">
<meta property="og:url" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/index.html">
<meta property="og:site_name" content="冬天里的小木屋">
<meta property="og:description" content="什么是扫描器我们来捋一下网络攻击的流程，一般网络攻击有两种类型，一种是目标是固定的某个网站、某个企业内网或者是个人、家庭的主机，那么在攻击的第一阶段也就是嗅探阶段，你想知道对方开放了哪些端口，提供了哪些服务，是不是已经存在了一些漏洞，这样你就可以直接利用这些漏洞，如果不存在就可能需要通过钓鱼等植入木马制造漏洞。">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/c5305a27f5b0c0061cc41229410d547d.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/f0327f5e6acec9d979084b2bfb413b5e.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/038ec7a1ffbaaa388716b33854d5155a.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/f5287d52e25b56a59b6bbd5716fd874a.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/9c9c5ff5e03bdaba8057566b65c33a83.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/542d8ce35bfb8aa194da6416917d1315.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/f621d72549628cd4b33d25fc1cab2d9c.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/d6784656200c781b799425378df66ad2.png">
<meta property="og:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/28808cec019b17d32e13f8d27a049dfe.png">
<meta property="article:published_time" content="2020-08-10T06:50:24.000Z">
<meta property="article:modified_time" content="2020-08-10T06:50:24.000Z">
<meta property="article:author" content="Kevin">
<meta property="article:tag" content="网络安全">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://wanglong_kevin.gitee.io/2020/08/10/scanner/c5305a27f5b0c0061cc41229410d547d.png">


<link rel="canonical" href="https://wanglong_kevin.gitee.io/2020/08/10/scanner/">


<script class="page-configurations">
  // https://hexo.io/docs/variables.html
  CONFIG.page = {
    sidebar: "",
    isHome : false,
    isPost : true,
    lang   : 'zh-CN'
  };
</script>

  <title>一文读懂扫描器 | 冬天里的小木屋</title>
  






  <noscript>
  <style>
  body { margin-top: 2rem; }

  .use-motion .menu-item,
  .use-motion .sidebar,
  .use-motion .post-block,
  .use-motion .pagination,
  .use-motion .comments,
  .use-motion .post-header,
  .use-motion .post-body,
  .use-motion .collection-header {
    visibility: visible;
  }

  .use-motion .header,
  .use-motion .site-brand-container .toggle,
  .use-motion .footer { opacity: initial; }

  .use-motion .site-title,
  .use-motion .site-subtitle,
  .use-motion .custom-logo-image {
    opacity: initial;
    top: initial;
  }

  .use-motion .logo-line {
    transform: scaleX(1);
  }

  .search-pop-overlay, .sidebar-nav { display: none; }
  .sidebar-panel { display: block; }
  </style>
</noscript>

</head>

<body itemscope itemtype="http://schema.org/WebPage" class="use-motion">
  <div class="headband"></div>

  <main class="main">
    <header class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-container">
  <div class="site-nav-toggle">
    <div class="toggle" aria-label="切换导航栏">
        <span class="toggle-line"></span>
        <span class="toggle-line"></span>
        <span class="toggle-line"></span>
    </div>
  </div>

  <div class="site-meta">

    <a href="/" class="brand" rel="start">
      <i class="logo-line"></i>
      <h1 class="site-title">冬天里的小木屋</h1>
      <i class="logo-line"></i>
    </a>
      <p class="site-subtitle" itemprop="description">The Winter Room</p>
  </div>

  <div class="site-nav-right">
    <div class="toggle popup-trigger">
    </div>
  </div>
</div>



<nav class="site-nav">
  <ul class="main-menu menu">
        <li class="menu-item menu-item-home">

    <a href="/" rel="section"><i class="fa fa-home fa-fw"></i>首页</a>

  </li>
        <li class="menu-item menu-item-tags">

    <a href="/tags/" rel="section"><i class="fa fa-tags fa-fw"></i>标签</a>

  </li>
        <li class="menu-item menu-item-categories">

    <a href="/categories/" rel="section"><i class="fa fa-th fa-fw"></i>分类</a>

  </li>
        <li class="menu-item menu-item-archives">

    <a href="/archives/" rel="section"><i class="fa fa-archive fa-fw"></i>归档</a>

  </li>
  </ul>
</nav>




</div>
        
  
  <div class="toggle sidebar-toggle">
    <span class="toggle-line"></span>
    <span class="toggle-line"></span>
    <span class="toggle-line"></span>
  </div>

  <aside class="sidebar">

    <div class="sidebar-inner sidebar-nav-active sidebar-toc-active">
      <ul class="sidebar-nav">
        <li class="sidebar-nav-toc">
          文章目录
        </li>
        <li class="sidebar-nav-overview">
          站点概览
        </li>
      </ul>

      <!--noindex-->
      <section class="post-toc-wrap sidebar-panel">
          <div class="post-toc animated"><ol class="nav"><li class="nav-item nav-level-3"><a class="nav-link" href="#%E4%BB%80%E4%B9%88%E6%98%AF%E6%89%AB%E6%8F%8F%E5%99%A8"><span class="nav-number">1.</span> <span class="nav-text">什么是扫描器</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#%E7%AB%AF%E5%8F%A3%E6%89%AB%E6%8F%8F"><span class="nav-number">1.1.</span> <span class="nav-text">端口扫描</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#%E6%BC%8F%E6%B4%9E%E6%89%AB%E6%8F%8F"><span class="nav-number">1.2.</span> <span class="nav-text">漏洞扫描</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#%E6%B5%B7%E5%95%B8-tsunami"><span class="nav-number">2.</span> <span class="nav-text">海啸(tsunami)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#%E6%B5%B7%E5%95%B8%E6%89%AB%E6%8F%8F%E5%99%A8%E4%BC%98%E7%BC%BA%E7%82%B9%E6%80%BB%E7%BB%93"><span class="nav-number">3.</span> <span class="nav-text">海啸扫描器优缺点总结</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#%E5%B7%A1%E9%A3%8E%E6%89%AB%E6%8F%8F%E7%B3%BB%E7%BB%9F"><span class="nav-number">4.</span> <span class="nav-text">巡风扫描系统</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#%E7%B3%BB%E7%BB%9F%E6%BC%94%E7%A4%BA"><span class="nav-number">5.</span> <span class="nav-text">系统演示</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#%E4%B8%80%E5%BC%A0%E4%BB%B7%E5%80%BC%E7%99%BE%E4%B8%87%E7%9A%84%E5%85%A8%E7%BD%91%E6%BC%8F%E6%89%AB%E4%BB%A5%E5%8F%8A%E6%BC%8F%E6%B4%9E%E5%88%A9%E7%94%A8%E7%B3%BB%E7%BB%9F%E6%9E%B6%E6%9E%84%E5%9B%BE"><span class="nav-number">6.</span> <span class="nav-text">一张价值百万的全网漏扫以及漏洞利用系统架构图</span></a></li></ol></div>
      </section>
      <!--/noindex-->

      <section class="site-overview-wrap sidebar-panel">
        <div class="site-author animated" itemprop="author" itemscope itemtype="http://schema.org/Person">
    <img class="site-author-image" itemprop="image" alt="Kevin"
      src="/images/avatar.jpg">
  <p class="site-author-name" itemprop="name">Kevin</p>
  <div class="site-description" itemprop="description">NOT a coder, but an artist.</div>
</div>
<div class="site-state-wrap animated">
  <nav class="site-state">
      <div class="site-state-item site-state-posts">
          <a href="/archives/">
        
          <span class="site-state-item-count">8</span>
          <span class="site-state-item-name">日志</span>
        </a>
      </div>
      <div class="site-state-item site-state-categories">
            <a href="/categories/">
          
        <span class="site-state-item-count">3</span>
        <span class="site-state-item-name">分类</span></a>
      </div>
      <div class="site-state-item site-state-tags">
            <a href="/tags/">
          
        <span class="site-state-item-count">11</span>
        <span class="site-state-item-name">标签</span></a>
      </div>
  </nav>
</div>



      </section>
    </div>
  </aside>
  <div class="sidebar-dimmer"></div>


    </header>

    
  <div class="back-to-top">
    <i class="fa fa-arrow-up"></i>
    <span>0%</span>
  </div>

<noscript>
  <div class="noscript-warning">Theme NexT works best with JavaScript enabled</div>
</noscript>


    <div class="main-inner post posts-expand">
      

      

    
  
  
  <article itemscope itemtype="http://schema.org/Article" class="post-block" lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="https://wanglong_kevin.gitee.io/2020/08/10/scanner/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.jpg">
      <meta itemprop="name" content="Kevin">
      <meta itemprop="description" content="NOT a coder, but an artist.">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="冬天里的小木屋">
    </span>

    
    
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          一文读懂扫描器
        </h1>

        <div class="post-meta">
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-calendar"></i>
              </span>
              <span class="post-meta-item-text">发表于</span>

              <time title="创建时间：2020-08-10 14:50:24" itemprop="dateCreated datePublished" datetime="2020-08-10T14:50:24+08:00">2020-08-10</time>
            </span>

          

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody">
        <h3 id="什么是扫描器"><a href="#什么是扫描器" class="headerlink" title="什么是扫描器"></a>什么是扫描器</h3><p>我们来捋一下网络攻击的流程，一般网络攻击有两种类型，一种是目标是固定的某个网站、某个企业内网或者是个人、家庭的主机，那么在攻击的第一阶段也就是嗅探阶段，你想知道对方开放了哪些端口，提供了哪些服务，是不是已经存在了一些漏洞，这样你就可以直接利用这些漏洞，如果不存在就可能需要通过钓鱼等植入木马制造漏洞。<a id="more"></a> 还有一种攻击类型，是利用的漏洞是固定的，但是目标是不固定的，当手上有一个漏洞利用方法时，尤其是0day时，想快速大范围应用，这样你就得要能快速检索出有此漏洞的主机。例如各种未授权漏洞，像mongodb redis，只要找到对应的ip 端口，就能进行数据勒索。扫描器就是这样一个能自动化的快速搜集端口主机信息，验证是否存在漏洞的工具系统。一般分为端口扫描和漏洞扫描两部分。</p>
<h4 id="端口扫描"><a href="#端口扫描" class="headerlink" title="端口扫描"></a>端口扫描</h4><p>一些网络空间搜索引擎背后实际就是一个大型的端口扫描器,比较出名的例如<a target="_blank" rel="noopener" href="https://monitor.shodan.io/">shodan</a>，<a target="_blank" rel="noopener" href="https://www.zoomeye.org/">ZoomEye</a>。    
开源的比较出名的端口扫描工具有nmap、masscan、zmap等，其中nmap功能最为丰富强大，masscan、zmap速度上更有优势，其中zmap 号称普通台式机45分钟扫描全网的IPv4地址空间，特殊条件下 <strong>5</strong> 分钟扫全网的ipv4地址空间，masscan 号称6分钟。nmap没有自己号称这个数据，因为它获取的信息更多，影响因素更多，无法做横向比较，根据以前的经验，扫描常用端口，10台机器需要一个月以上。
nmap的功能很丰富，能够获取端口状态，service，banner，主机OS等信息，扫描方式也支持多种，tcp全开扫描、半开扫描，udp扫描。
作为企业内部扫描，不存在性能问题，因为高速率扫描，会占满带宽，导致整个内网瘫痪。</p>
<h4 id="漏洞扫描"><a href="#漏洞扫描" class="headerlink" title="漏洞扫描"></a>漏洞扫描</h4><p>漏洞扫描主要是基于端口扫描的结果来进行一个poc程序的验证过程，漏扫系统说白了就是一个批量处理poc程序的框架。所以这个框架对poc程序的友好性很重要。poc 程序的类型有很多种，以脚本语言居多，所以习惯性叫poc脚本。在<a target="_blank" rel="noopener" href="https://www.exploit-db.com/">ExploitDB</a>上我们可以对此有一个验证。作为一个批处理框架，它有一些共同的要素：</p>
<ul>
<li>poc脚本信息规范
  框架需要有一个规范，让poc自己填好相关描述信息，好让框架来进行管理和展示</li>
<li>输入输出规范
 一般有统一的入口函数名称以及参数，对结果有一个统一的返回值</li>
<li>封装通用的API
 对一些常用的操作有个更简洁的封装，例如socket连接等
总体而言，对于一个企业内部的应用场景而言，扫描器系统复杂度和技术难度都不高，如果是针对全网则复杂度则要高出很多很多。   <h3 id="海啸-tsunami"><a href="#海啸-tsunami" class="headerlink" title="海啸(tsunami)"></a>海啸(tsunami)</h3><blockquote>
<p>Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.</p>
</blockquote>
</li>
</ul>
<p>Google 刚开源不久，目前还没有什么有价值的第三方的使用分析。海啸扫描器实际分为两部分，两个repo。</p>
<ul>
<li><p><a target="_blank" rel="noopener" href="https://github.com/google/tsunami-security-scanner">主体框架部分</a> 
海啸与一般扫描器不同，端口扫描部分也是通过插件模块来实现的，所以主体框架部分就只有一个框架，用java语言来实现。具体有以下几种功能：</p>
<ol>
<li><p>定义了工作流，先进行端口扫描，再根据端口扫描的结果来进行漏洞扫描。
<img src="c5305a27f5b0c0061cc41229410d547d.png">
采用的端口扫描的命令以及参数具体为：
nmap –unprivileged -Pn -n -sT -sV –version-intensity 5 -T4 –script banner 127.0.0.1 -oX  </p>
</li>
<li><p>封装通用的公共API
插件头部可以import很多现成的API
 <img src="f0327f5e6acec9d979084b2bfb413b5e.png"></p>
</li>
<li><p>定义插件格式，要求
 插件信息
<img src="038ec7a1ffbaaa388716b33854d5155a.png">
 输出规范
<img src="f5287d52e25b56a59b6bbd5716fd874a.png"></p>
</li>
</ol>
<p><img src="9c9c5ff5e03bdaba8057566b65c33a83.png">
这个数据让此项目成为github周榜第一。</p>
<ul>
<li><a target="_blank" rel="noopener" href="https://github.com/google/tsunami-security-scanner-plugins">插件部分</a> 
截至当前(2020-08-05)，一共有6个插件，除去端口扫描必选的nmap外，有两大类五个插件，分别为：<ol>
<li>UI未授权漏洞检测
hadoop、jenkins、 jupyter、 wordpress UI未授权漏洞检测</li>
<li>弱口令检查
利用ncrack工具，ncrack弱口令检查</li>
</ol>
</li>
</ul>
</li>
</ul>
<p>   <img src="542d8ce35bfb8aa194da6416917d1315.png">
   <img src="f621d72549628cd4b33d25fc1cab2d9c.png"></p>
<pre><code>  目前的社区活跃度不是很高。</code></pre>
<h3 id="海啸扫描器优缺点总结"><a href="#海啸扫描器优缺点总结" class="headerlink" title="海啸扫描器优缺点总结"></a>海啸扫描器优缺点总结</h3><p> 优点：暂无发现特别之处。<br> 缺点：对poc程序友好性差，整体框架选择Java语言开发，到目前为止不支持python或者其他脚本语言的插件支持。这就意味着对插件的扩展的灵活度不够高，而且插件社区目前还不够活跃。 细节方面对插件运行时间无限制， 无扫描速率的相关配置。
 <img src="d6784656200c781b799425378df66ad2.png"></p>
<h3 id="巡风扫描系统"><a href="#巡风扫描系统" class="headerlink" title="巡风扫描系统"></a>巡风扫描系统</h3><h3 id="系统演示"><a href="#系统演示" class="headerlink" title="系统演示"></a><a target="_blank" rel="noopener" href="http://127.0.0.1:8000/login">系统演示</a></h3><p> 优点：采用python 框架，插件标准简洁，并且支持其他漏洞库<a target="_blank" rel="noopener" href="https://github.com/opensec-cn/kunpeng">（Kunpeng）</a>自动更新。</p>
 <figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br></pre></td><td class="code"><pre><span class="line"></span><br><span class="line"># coding:utf-8</span><br><span class="line"></span><br><span class="line">import ftplib</span><br><span class="line"></span><br><span class="line">def get_plugin_info():  # 插件描述信息</span><br><span class="line">                          plugin_info &#x3D; &#123;</span><br><span class="line">        &quot;name&quot;: &quot;FTP弱口令&quot;,</span><br><span class="line">        &quot;info&quot;: &quot;导致敏感信息泄露，严重情况可导致服务器被入侵控制。&quot;,</span><br><span class="line">        &quot;level&quot;: &quot;高危&quot;,</span><br><span class="line">        &quot;type&quot;: &quot;弱口令&quot;,</span><br><span class="line">        &quot;author&quot;: &quot;wolf@YSRC&quot;,</span><br><span class="line">        &quot;url&quot;: &quot;&quot;,</span><br><span class="line">        &quot;keyword&quot;: &quot;server:ftp&quot;,  # 推荐搜索关键字</span><br><span class="line">    </span><br><span class="line">                          &#125;</span><br><span class="line">    return plugin_info</span><br><span class="line"></span><br><span class="line">def check(ip, port, timeout): # 漏洞检测代码</span><br><span class="line">    user_list &#x3D; [&#39;ftp&#39;, &#39;www&#39;, &#39;admin&#39;, &#39;root&#39;, &#39;db&#39;, &#39;wwwroot&#39;, &#39;data&#39;, &#39;web&#39;]</span><br><span class="line">    for user in user_list:</span><br><span class="line">        for pass_ in PASSWORD_DIC:  # 密码字典无需定义，程序会自动为其赋值。</span><br><span class="line">            pass_ &#x3D; str(pass_.replace(&#39;&#123;user&#125;&#39;, user))</span><br><span class="line">            try:</span><br><span class="line">                ftp &#x3D; ftplib.FTP()</span><br><span class="line">                ftp.timeout &#x3D; timeout</span><br><span class="line">                ftp.connect(ip, port)</span><br><span class="line">                ftp.login(user, pass_)</span><br><span class="line">                if pass_ &#x3D;&#x3D; &#39;&#39;: pass_ &#x3D; &#39;null&#39;</span><br><span class="line">                if user &#x3D;&#x3D; &#39;ftp&#39; and pass_ &#x3D;&#x3D; &#39;ftp&#39;: return u&quot;可匿名登录&quot;</span><br><span class="line">                return u&quot;存在弱口令，账号：%s，密码：%s&quot; % (user, pass_)  # 成功返回结果，内容显示在扫描结果页面。</span><br><span class="line">            except:</span><br><span class="line">                pass</span><br></pre></td></tr></table></figure>

<p> <a target="_blank" rel="noopener" href="https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/exposedui/jenkins/src/main/java/com/google/tsunami/plugins/detectors/exposedui/jenkins">海啸插件代码</a></p>
<h3 id="一张价值百万的全网漏扫以及漏洞利用系统架构图"><a href="#一张价值百万的全网漏扫以及漏洞利用系统架构图" class="headerlink" title="一张价值百万的全网漏扫以及漏洞利用系统架构图"></a>一张价值百万的全网漏扫以及漏洞利用系统架构图</h3><p>   <img src="28808cec019b17d32e13f8d27a049dfe.png"></p>

    </div>

    
    
    

      <footer class="post-footer">
          <div class="post-tags">
              <a href="/tags/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/" rel="tag"># 网络安全</a>
          </div>

        

          <div class="post-nav">
            <div class="post-nav-item">
                <a href="/2019/09/26/bpf/" rel="prev" title="BPF & XDP 知识分享">
                  <i class="fa fa-chevron-left"></i> BPF & XDP 知识分享
                </a>
            </div>
            <div class="post-nav-item">
            </div>
          </div>
      </footer>
    
  </article>
  
  
  



      

<script>
  window.addEventListener('tabs:register', () => {
    let { activeClass } = CONFIG.comments;
    if (CONFIG.comments.storage) {
      activeClass = localStorage.getItem('comments_active') || activeClass;
    }
    if (activeClass) {
      const activeTab = document.querySelector(`a[href="#comment-${activeClass}"]`);
      if (activeTab) {
        activeTab.click();
      }
    }
  });
  if (CONFIG.comments.storage) {
    window.addEventListener('tabs:click', event => {
      if (!event.target.matches('.tabs-comment .tab-content .tab-pane')) return;
      const commentClass = event.target.classList[1];
      localStorage.setItem('comments_active', commentClass);
    });
  }
</script>

    </div>
  </main>

  <footer class="footer">
    <div class="footer-inner">
      

      

<div class="copyright">
  
  &copy; 
  <span itemprop="copyrightYear">2020</span>
  <span class="with-love">
    <i class="user"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">Kevin</span>
</div>
  <div class="powered-by">由 <a href="https://hexo.io/" class="theme-link" rel="noopener" target="_blank">Hexo</a> & <a href="https://theme-next.js.org/" class="theme-link" rel="noopener" target="_blank">NexT.Gemini</a> 强力驱动
  </div>

      








    </div>
  </footer>

  
  <script src="//cdn.jsdelivr.net/npm/animejs@3.2.0/lib/anime.min.js"></script>
<script src="/js/utils.js"></script><script src="/js/motion.js"></script><script src="/js/next-boot.js"></script>

  















  

  

</body>
</html>
